JavaOne Wrap-Up: Top Third-Party Product Announcements

Oracle and the Java community made relatively few new announcements at the annual JavaOne conference last week, but a number of Java vendors did. Three announcements from local companies stood out for me at this year's show:.

Hazelcast, the Palo Alto, Calif.-based provider of an open-source, In-Memory Data Grid (IMDG) solution by the same name, made big news at the show with the launch of its JCache implementation. Hazelcast 3.3.1 JCache, which is the JCache-compatible version of Hazelcast, is now drop-in "pin compatible" with Oracle's Coherence IMDG and Ehcache. Hazelcast CEO Greg Luck wrote the latter, which is one of the most widely used open-source Java caching solutions. Luck is also a co-author of the JCache spec, along with Brian Oliver, who architected Oracle Coherence. Coherence, Ehcache, and Hazelcast are the only JCache implementations currently available.

The JCache project was the longest running Java specification request (JSR) in the history of Java and the Java Community Process (JCP) until it earned approval in March. JSR-107, the spec request for Java Temporary Caching API, specified the semantics for the temporary, in-memory caching of Java objects. The JSR languished for years until Terracotta and Oracle began funding it recently. Terracotta is probably best known for its commercial development of Ehcache.

Mountain View, Calif.-based Coverity launched the free beta of its new cloud-based service for Java developers at the show. The new Code Spotter service, which is built on Coverity's static code analysis platform, is designed to help developers find difficult-to-detect defects in Java code. The service allows Java devs to upload their source code to the cloud, where it is analyzed for known issues in Java code bases, such as resource leaks, race conditions, concurrency issues, and null pointer dereferences. With this new service, the company is "democratizing access" to its testing solution, the company said.

Coverity, which is a subsidiary of Synopsys, launched a "developer-first security" effort last year, during which it began promoting the idea of putting security into the hands of developers. In January, the company released a new version of its dev/test platform that provides Java developers with expanded coverage for the Open Web Application Security Project's (OWASP) Top 10 and Common Weakness Enumeration (CWE) security vulnerabilities in Java apps. The open-source OWASP identifies 10 of the most critical Web app security risks each year. The CWE is a community project sponsored by the Mitre Corporation to create a catalog of software security vulnerabilities.

Software build and distribution company JFrog launched a new commercial version of its Bintray open-source distro platform at this year's show: Bintray Premium. Bintray, which won a Duke's Choice Award last year, is a cloud platform for developers who want to store, publish, download, promote, and share software. (In other words, all of them.) The San Francicso-based company's commercial version supports "premium repositories," with unlimited storage and downloads, full download stats, access control, and download tracking, among other features.

BTW: The company won a Duke's Choice in 2011 for its Artifactory binary repository manager.

Posted by John K. Waters on 10/07/2014 at 11:45 AM0 comments

Ellison Speaks at Oracle Open World

Is it possible that Larry Ellison's decision to step down as CEO of Oracle will mean we actually see more of him? He has made two appearances so far at the annual Oracle OpenWorld conference in San Francisco this week under his new titles of Executive Chairman and Chief Technology Officer. Last year he bailed on his conference keynote to focus on the America's Cup, during which Oracle Team USA was staging an admittedly thrilling comeback. Attendees who traveled from...well, everywhere....and paid to see the guy were not sympathetic.

Ellison started his afternoon appearance yesterday with what amounted to an apology for his absence last year, and then launched into his familiar get-through-this-and-kill-'em-with-numbers pace. But then he slowed down, joked with the crowd, and worked his way amiably through a couple of demos.

"Because of my new job as CTO, I gotta do my demos by myself," he said. "Almost nobody works for me anymore." He hastily added, "I love my new job, by the way."

Maybe it was the V-neck sweater and slacks, but Ellison seemed to relax into his promised drill down on Oracle's platform-as-a-service (PaaS) offering. During his demo, he showed how users could migrate an on-premises Java application to Oracle's cloud database and WebLogic server. It took a bit more than the "push of a button" he'd talked about during his Sunday keynote opener, but not much.

Oracle continues to bet big (if a bit behind the competition) on the cloud. On Sunday, Ellison touted his company's upgraded cloud platform as an all-in-one environment for running apps and data, and for building out new apps as customers move to the cloud. The Oracle offering includes a "massively upgraded" PaaS featuring Oracle Database 12c; infrastructure-as-a-service (IaaS); and rapidly growing software-as-a-service (SaaS). The company claims to have picked up more than 2,100 new SaaS customers over the past year. "We have by far the largest portfolio of cloud applications of anybody," Ellison declared. "We built a lot more in 2014. We bought a lot more in 2014. We definitely had a build-and-buy strategy."

Ellison sounded like his old trash-talking self on Sunday as he took swipes at the competition, including SAP, Amazon, Workday, and He singled out SAP, which recently bought Concur Technologies, a travel and expense software provider, in a deal worth $8.3 billion. He focused on the company's Hana in-memory computing platform.

"I'm going to try to be nice," Ellison said. "But it's so hard. I have no idea what runs on Hana. It's rude but it's the truth. And it's kinda funny. What cloud? Let's just talk about Earth."

He also took a shot at Oracle is the only cloud vendor that "lets you use the same platform it builds on to extend cloud apps," he said, while uses the Oracle platform to build its apps, and then relegates its customers to extending apps with its proprietary and Salesforce1 platforms. Still, he allowed that Salesforce "is the best of the rest, because at least they have a platform. The other guys… they don't even have a platform. It's missing in action."

Hard to believe Ellison is now 70 years old, and even harder to imagine the hyper-competitive exec slowing down. Forbes just published its annual list of the 400 Wealthiest Americans, and Ellison came in third, behind Warren Buffett (second) and Bill Gates (first), and just ahead of the Koch brothers. What do retirees do when they're worth $47.6 billion?

Of course, Ellison isn't retiring, is he? There's a reason we're not hearing much "end of an era" talk around his move. He's not actually leaving the company he co-founded. He's not even stepping away from day-to-day involvement in the company's operations. He'll be free of some responsibilities; Safra Catz will continue to look after manufacturing, finance, and legal operations, and Mark Hurd will continue managing the company's sales, service, and global business units. But Ellison is now head of engineering and product development, so he'll still be working with Hurd and Catz -- my guess is, closely.

I asked OpenWorld attendees what they thought about Ellison's decision to step down from the big chair. Several said they thought it was a smart move that freed Ellison from some responsibilities without reducing his influence. "Let's face it, how would a person who is both the CTO and Chairman of the Board of a tech company not tell the CEOs where the company is going or should go?" said attendee Keith Gapol, IT associate at Agilent Technologies. "He will still be driving the development direction of the company."

I also heard comments like this one from an attendee from the UK: "Oof! I've had enough of that man!"

Most of the people I talked to were unphazed by the Oracle executive shuffle. A developer who flew in for the event from Boston summed up what I found in my unscientific survey to be the prevailing opinion: "I don't think it'll make that much of a difference," he said. "I mean, he's not really going anywhere, is he?"

Posted by John K. Waters on 10/01/2014 at 2:08 PM0 comments

JavaOne 2014 Preview: NetBeans Day, IoT and Rock 'n' Roll

It's time again for the annual JavaOne gathering of Java jocks in San Francisco for a week of drink…I mean, learning and networking. I kid, but that's because the anxiety over how well this touchstone event would weather its assimilation by Oracle OpenWorld has largely dissipated. For all intents and purposes, JavaOne continues to survive with its identity intact.

The primary venues for this year's event, which runs from Sept. 28 through Oct. 2, are the Hilton San Francisco Union Square and the Parc 55 Wyndam, but some related events are scheduled for the Nikko Hotel. (My feet ache already.) The annual Strategy Keynote is set for Sunday afternoon at the north hall of the Moscone Center, the event's former home. The usual suspects will be on hand: Georges Saab, Peter Utzschneider, Cameron Purdy, and John Duimovich. Mark Reinhold will again give the Technical Keynote. The Community Keynote is set for Thursday morning.

I'm especially excited about the NetBeans Community Day 2014 (Sunday, September 28), which throws a spotlight on one of the least talked about and yet most popular Java IDEs. Rather than individual presenters, the NetBeans Day sessions will take the form of moderated panels of experts, including some genuine Java rockstars. The father of Java himself, James Gosling, will be there, moderating a panel focused on how they use the editors, debuggers, and profilers from NetBeans (which Gosling has called his favorite IDE) to program and interact with devices. (Expect some insights into Gosling's recent passion: sea-going robots.)

NetBeans Community Day has a lineup of six panel sessions offering real-world stories and demos of NetBeans new features in action, presentations about developing Java EE apps with Maven, talks about working with free Java tools, and a discussion about teaching with free Java tools. Session presenters include speakers from Jelastic, ZeroTurnaround, Codename One, VMware, QAware, Boeing, Kodewerk and JClarity, among others.

Among the rumored announcements I'm the most curious about is some news expected from the Eclipse Foundation about an Open IoT Stack for Java. The Foundation has been working for a couple of years now on its Internet of Things initiative, first focusing on M2M, and then expanding to include the broader IoT. The Foundation will have a booth at this year's show, where reps will be demoing some of the projects from that initiative, Ian Skerrett promised in a recent blog post. He also listed a number of Eclipse-related talks scheduled for this year's show. Lots of IoT stuff in there, but also Java 8, JavaFX, Eclipse Luna, the cloud and Java EE.

If you needed proof that IoT has graduated from buzzword to serious software category, look no further than all the sessions in the JavaOne IoT track. It's a long list, covering topics ranging from OSGi-based architectures to Gosling's robots. Need more? IoT will figure prominently in James Weaver's community keynote on Thursday, he said in a short conference page Q&A. Weaver is a Java developer, author, and consulting member of Oracle's Technical Staff. He has, the post observed, "a passion for Java, rich-client applications, and the Internet of Things (IoT)."

I'm also interested in what I think is a new addition to the conference floor: a Meet the Experts area, which was mentioned in a recent post on the Glassfish blog: The Aquarium. It's described as "a designated space in the JavaHub where most of the Specification Leads will be present at a dedicated time." Could be a mob scene; could be a golden opportunity to get some face time. Oracle's Java EE Evangelists and Heather VanCura from the JCP will also be there.

One obvious advantage of the Oracle connection is the "attendee appreciation" events, which this year include geezer rockers Aerosmith, millennials fav Macklemore and Ryan Lewis, and the Brit band Spacehog.

Remember: learning and networking.

Posted by John K. Waters on 09/24/2014 at 9:21 AM0 comments

The Internet of Things Needs Open Source

Ian Skerrett is probably best known for his role at the Eclipse Foundation as vice president of marketing, but for the past two-plus years he's also been leading the Eclipse effort to foster an open-source community around the Internet of Things (IoT).

 "If you look at the Internet today, it's run on open source," Skerrett told me. "Linux, Apache and open standards like HTTP are the building blocks. If we're really going to get an Internet of Things, we need a set of core building blocks that anyone can use to develop commercial or internal solutions." 

Eclipse IoT now includes 15 projects collectively aiming to reduce the complexity of developing IoT/M2M solutions. Most of the Eclipse literature on this initiative uses that "IoT/M2M" label, because machine-to-machine communication is where it all started, and because it continues to be an essential part of IoT. But is IoT more all encompassing, which, Skerrett says, is what makes developing IoT solutions so challenging.

 "To put together an IoT solution today, you need people who understand gateways and networks, but also enterprise systems, data analytics, integration with ERP or CRM systems," he said. "There's some daunting complexity here, but we know that when you create frameworks and abstraction levels in software, it becomes much easier to put together these types of solutions."

 The mission of the Eclipse IoT initiative is to establish an open IoT/M2M platform that comprises a set of services and frameworks, open-source implementations of standard protocols, and an Eclipse-based IDE for simplifying IoT/M2M development. The current list of projects likely to become part of that platform includes the Paho Project, which provides scalable open-source client implementations of open and standard messaging protocols for IoT/M2M apps. That list also includes several frameworks: Kura, which is a set of Java and OSGi services commonly required for IoT gateways (I/O services, data services, cloud services, networking, etc.); Mihini, which is an open-source framework written in the Lua scripting language; OM2M, an open-source implementation of the ETSI M2M standard; and the Wakaama Project, which will provide a C portable framework for building LWM2M clients and/or servers.

There's also SmartHome  (named by Captain Obvious), which is a framework for building smart home solutions; Eclipse SCADA, which the Foundation describes as "a way to connect different industrial devices to a common communication system and post-process, as well as visualize the data to operating personnel;" and the Sandbox LWM2M Server, which provides a Web UI and a REST API to enable interaction with the registered clients. Koneki  is an M2M developer tools project that's using Lua as its primarily programming language.

 Eclipse IoT's protocol efforts are focused on providing open-source implementations of Message Queuing Telemetry Transport (MQTT), which is designed to connect "physical world devices" and networks with applications and middleware; CoAP (Constrained Application Protocol), which is a protocol specialized for use with constrained nodes and networks; and OMA LightweightM2M (LWM2M), which is an industry standard for device management of M2M/IoT devices.

 A complete list of Eclipse IoT projects is available on the Foundation Web site here.

Even better, Skerrett will give attendees of our upcoming App Dev Trends 2014 Conference  in December an in-depth look at the Eclipse IoT initiative and discuss the and the role of open source in the evolution of the Internet of Things.

Posted by John K. Waters on 09/17/2014 at 10:11 AM0 comments

Bugs Are Bad, But So Are Flaws: IEEE Sponsors Center for Secure Design

There's a difference between a bug and a flaw, and an impressive group of software security mavens thinks it's time to pay more attention to the latter. To shift some of the industry's focus away from finding implementation bugs and toward identifying common design flaws -- "the Achilles' heel" of security engineering -- the IEEE Computer Society has formed the Center for Secure Design (CSD).

The CSD grew out of a foundational workshop, held in April, which brought together software security experts from industry, academia and government to talk about the problem of secure software design. Among the 10 workshop participants were representatives from Twitter, Google, RSA, Intel and Harvard University.

Gary McGraw, CTO of Cigital, hosted a soirée at the Cantina art bar in San Francisco to launch the CSD and to generate interest in its mission. McGraw was among the original workshop members. "The price of admission was a bag of flaws -- a real bag of flaws -- from your practice," McGraw told attendees. "We dumped them all on the table and picked the tallest 10 piles."

That mission, by the way, is to "gather software security expertise from industry, academia and government" to provide guidance on "recognizing software system designs that are likely vulnerable to compromise" and "designing and building software systems with strong, identifiable security properties." And those 10 piles led to the publication of an inaugural CSD report, "Avoiding the Top 10 Software Security Design Flaws."

McGraw, who is author of numerous books about building secure software, called finding and fixing design flaws "the hardest problem that nobody has solved."

"Software security has grown into a $7 or $8 billion industry, and it's continuing to grow very fast," he told me. "But the field seems to be myopically focused on bugs and hackers. And yet, from a technical perspective, half of the problem is a design problem. We're hoping to shepherd the field in the right direction."

The CSD is part of a larger IEEE cybersecurity initiative launched this year "with the aim of expanding its ongoing involvement in cybersecurity." Jim DelGrosso, principal consultant at Cigital, will serve as the CSD's executive director. One of the problems the group will address, DelGrosso said, is the relative opaqueness of the work being done on design flaws.

"We've known about these things for a decade or three," he told attendees, "and yet the problems persist. We also know that this work is being done, but much of it is being done internally, so it's not available to the public. One of the goals of the CSD is to change that. We want people to stop making these mistakes."

Google information engineer Christoph Kern shared an example of such internal work from his own company, where he has been developing Web application frameworks that make it hard for developers to introduce cross-site scripting bugs. One team that adopted the frameworks saw a marked reduction in their bug-tracker stats. "There's a real connection between bugs and design-level considerations," he said.

Here's the list of initial participants in the Center for Secure Design:

  • Iván Arce, Sadosky Foundation
  • Neil Daswani, Twitter
  • Jim DelGrosso, Cigital
  • Danny Dhillon, RSA
  • Christoph Kern, Google
  • Tadayoshi Kohno, University of Washington
  • Carl Landwehr, George Washington University
  • Gary McGraw, Cigital
  • Brook Schoenfield, Intel/McAfee
  • Margo Seltzer, Harvard
  • Diomidis Spinellis Athens University of Economics and Business
  • Izar Tarandach, EMC
  • Jacob West, HP

Here are those top 10 security design flaws; each one is fleshed out considerably in the CSD report:

  • Earn or give, but never assume, trust
  • Use an authentication mechanism that cannot be bypassed or tampered with
  • Authorize after you authenticate
  • Strictly separate data and control instructions, and never process control instructions received from untrusted sources
  • Define an approach that ensures all data are explicitly validated
  • Use cryptography correctly
  • Identify sensitive data and how they should be handled
  • Always consider the users
  • Understand how integrating external components changes your attack surface
  • Be flexible when considering future changes to objects and actors

Posted by John K. Waters on 09/02/2014 at 6:43 AM0 comments

My Favorite Tech Gurus at App Dev Trends 2014: Intersimone, Skerrett, Matsumura, Balbes and More!

There's nothing like seeing the final agenda go up on a Web site to drive home the reality that you're chairing your first technology conference.


Fortunately for me, that agenda -- the one for our first ever App Dev Trends conference coming in December in Las Vegas -- is filled with workshops and sessions led by some of my favorite enterprise software experts, industry mavens, market watchers and serious codederos. I might be as nervous as a nerd at the prom about stepping onstage in my chairing duties (man, that simile brought up some bad memories), but I couldn't be more relaxed about our kick-ass presenter lineup.

I'm very excited, for example, to have David Intersimone (better known as "David I.") speaking at the show. Intersimone is vice president of developer relations and chief evangelist for toolmaker Embarcadero Technologies, and he's a programmer's programmer. He worked for more than two decades at Borland, the company that invented the IDE, then at CodeGear, the company that emerged from Borland's decision to shed its tools business. David will be presenting two sessions: "Integrating Devices and Gadgets into Your Enterprise" and "Clouds: The Final Frontier – Integrating BaaS into your Enterprise Apps."

We also have one of my all-time favorite conference keynoters, Miko Matsumura, leading a session. He's now vice president of developer relations at Hazelcast, the open source in-memory data grid company, but I first saw Miko when he served as chief Java evangelist at Sun Microsystems in the late '90s. (Back when he had shoulder-length hair!) He was one of the most visible spokespeople for Java back then, and a member of the team that popularized the Java platform among developers. In his session, "Elastic Application Performance Market View," Miko will examine the dizzying array of options available today for architecting scalability into applications from Day 1.

When Dr. James McCaffrey, a popular veteran of 1105 Media's Visual Studio Live! conferences and Visual Studio Magazine columnist, responded to my e-mail pestering by saying that he might have a totally new tool to present at our show, and that this tool was designed for developers interested in neural networks, I swallowed my gum! You've probably heard about Microsoft's new cloud-based machine-learning tool, Machine Learning Studio, the beta of which was unveiled in July. His presentation is titled: "Understanding Neural Networks Using Python." McCaffrey, who works at Microsoft Research, promises that attendees will come away from his session with an in-depth understanding of neural networks -- and to include one of the first public demos of the new Machine Learning Studio.

I am also very excited about Ian Skerrett's session, "Introducing Eclipse IoT: Accelerating IoT Development." Over the past two years, the Eclipse Foundation has been developing a community of open source projects for Internet of Things developers. That community now comprises 15 different projects, and includes implementations of popular IoT standards, such as CoAP, MQTT, and Lightweight M2M. Ian is the man who has been leading the effort to build that community. He will be talking about the project itself and how to use the technologies it encompasses to get started building IoT solutions.

One of my favorite tech industry watchers, Theresa Lanowitz, founder of voke inc., is also presenting at our show. Her official bio says that she's widely recognized as "a strategic thinker and influencer in the application life cycle, virtualization, cloud computing, and convergence markets." I usually hate to use PR-speak, but that line is right on the money. Cool tidbit from that bio: She worked on the original JBuilder IDE. I've interviewed Theresa many times, and I'm looking forward to both of her sessions: "Extreme Automation: Software Quality for the Next-Generation Enterprise," and "Software Quality in the Sound Bite Era."

And our own Agile Architect, Dr. Mark Balbes, will be among the speakers kicking off the show with his session, "The State of Agile." Mark will be talking about the evolution of Agile -- what works, what doesn't and where the Agile movement might be heading in the future. He'll also be there to wrap things up with our closing panel, "Agile Techniques and Best Practices," which will feature Mark, Matt Philip and Jason Tice, the Three Agilistos from our popular summer webcast. I'll be moderating this panel, so it'll be worth attending for my embarrassing gaffes alone.

It's no exaggeration to say that this is just the tip of the iceberg. This is our first-ever ADT-branded event, and we went all out to put together what I believe is a killer agenda with sessions focused on the enterprise developer. App Dev Trends 2014 runs Dec. 8-11 at the Mandalay Bay Resort and Casino in Las Vegas. Hope to see you there!

Posted by John K. Waters on 08/20/2014 at 3:25 PM0 comments

LiveRebel Gives Up on the Ghost

Java toolmaker ZeroTurnaround's software release automation tool, LiveRebel, is a little less live than it was a week ago. The company pulled the plug on the three-year-old sibling of its JRebel JVM plug-in (and newly birthed XRebel Java profiler). Company founder and CEO Jevgeni Kabanov, delivered the news in a blog post, though he says customers were contacted before he posted.

I caught up with Kabanov via Skype in Estonia, where his company is headquartered, to ask him about it. He said there just wasn't enough of a mid-range release management market to sustain the product.

"LiveRebel was aimed at the mid-market," he said. "That's a few dozen up to a couple hundred servers. But most of our competitors were going after customers with hundreds to thousands of servers. We just felt that there was a significant opportunity cost for going after that market."

Another problem, Kabanov said he believes, is that there is no agreement currently on exactly what a "release management" product should do -- especially within the context of a rapidly evolving of DevOps and continuous delivery movements. But perhaps more important, whatever release management is, it doesn't currently seem to be at the top of ZT's customers' to do lists. In his blog post, he put it this way: "Release management provides little value if you don't have automated builds, provisioning, and a well-defined release process, and unfortunately most potential customers would have none of those."

"It was a tough decision emotionally, but from a business perspective, it was quite straight forward," he said. "For now, we're continuing to focus on the developer tools market, which is our strength. But we're not closing any doors on what we might do in the future."

LiveRebel 1.0 was released in May 2011 after about three years of development "in the far northern country of Estonia as an attempt to re-invent product updates." The final version, 3.1, was released last month. Kabanov said active customers would be getting refunds and support and help migrate off LiveRebel until August 2015.

The Tartu, Estonia-based company is probably best known for its JRebel plug-in, which integrates with the Java Virtual Machine (JVM) and app servers on the class loader level, and allows developers to make on-the-fly code changes in Java class files. In June, the company released an interactive Java profiler called XRebel. The company also operates a research and content organization, Rebel Labs, which publishes free, vendor-neutral technical resources.

Posted by John K. Waters on 08/13/2014 at 4:34 PM0 comments

'Mobile Disruption' Leading to More Strategic Development

Enterprise developers struggling with the challenges associated with mobile application development may not be settling on a single, one-size-fits-all tool or platform just yet, but they are approaching those challenges more strategically. That, according to IDC analyst Al Hilwa, writing in a recently published report: "Negotiating the Mobile Disruption: Approaches for Multiplatform Application Development."

Hilwa, who is a research director in IDC's Application Development Software group, told me that he's trying to be the voice of reason in this report, offering "concrete, realistic advice to enterprises."

He first states the obvious, that "the central problem in mobile application development is addressing the variety of platforms and devices that employees can bring into the enterprise in a productive and agile manner…" What's not so obvious, he reminds us, is that until recently, enterprises have been side-stepping the so-called mobile revolution "engaging the consumers of their products with B2C apps, often developed by outside agencies or contractors." But the no-end-in-sight proliferation of mobile devices in the hands of employees -- and the promise of a more productive and mobile workforce -- has forced enterprises to address mobile more strategically and in-house.

"Since 2012," Hilwa writes, "enterprises have begun to tackle mobility more strategically by tagging their internal custom application development teams to skill up on mobile application development and take a more systematic approach to developing suites of applications that overhaul how certain internal business divisions, especially mobile sales and field forces, operate."

And there's another problem: The big three platforms—iOS, Android, and Windows—have focused on consumers, and haven't paid much attention to enterprise software licensing requirements. "For enterprises, tightly controlled application platforms with vendor-anointed tools and programming languages mean limitations in choice, an inability to leverage existing developer skills and, most importantly, an inability to easily develop code for multiple platforms," Hilwa writes.

In the midst of this "mobile disruption," four general approaches have emerged or enterprise mobile app developers: native, Web, hybrid, and third-party. Developing native apps for particular platforms requires platform owner–supplied/approved programming languages, runtimes, frameworks, and tool chains. Developing Web apps that use the browser as a runtime and app platform are typically sandboxed, so they can't access native platform features. Hybrid apps use Web apps with a thin wrapper that allows them to be distributed via app stores, which means they can access to some native platform features. And third-party-supplied runtimes or app platforms, which can come with their own programming languages, frameworks, and developer tool chains, produce full "native" apps that can be delivered through device platform owner–supplied app stores.

In the end, most enterprises will follow more than one mobile app development approach, Hilwa predicts, though he expects most to deliver as hybrids or as third-party cross-platform apps.

Now for some of that concrete advice: Because app dev tools, frameworks, and middleware aimed at enterprises are increasingly integrating HTML5 support, it will be in the best interest of enterprise developers to "embrace the Web ecosystem of skills and set up Web developer teams along with existing Java and Microsoft ecosystem developer teams."

Here's another one: Enterprises moving from a tactical to a strategic approach to mobile app development will want to "embrace an API architecture for back-end systems." In fact, "such enterprises should begin re-architecting their back-end systems and data assets into API services before embarking on extensive mobile application building."

There's a lot more in this report, and it's well worth reading in its entirety. Also, in case you missed it, my colleague David Ramel's most recent Dev Watch column ("Doubts About Cross-Platform Mobile Development") cites a number of studies on or related to this topic.

Posted by John K. Waters on 08/07/2014 at 4:32 PM0 comments

Building the Next Big App: Experts Weigh In

How are shifting consumer behaviors, new digital channels, application standards, and open source trends influencing current approaches to customer-facing software development? That's a big, scary question, but the panel of experts assembled to answer that question during Actuate's iHub F-Type launch in San Jose recently weren't intimidated in the least.

In fact, customer strategist Esteban Kolsky, principal and founder of ThinkJar, took issue with the title of the panel -- "Building the Next Big App" -- arguing that the next big app could very well be small.

"Anyone here have the Starbucks app on their phones?" he asked the crowd. (Some hands went up.) "It's more than that I bet! My point is, this is a very small app that does only three things: it finds a new Starbucks, it lets you charge it, and it lets you see what your rewards are. It's not a big app at all, and that's what's very interesting going forward." The next big app, he said, is probably going to be a small, special purpose application.

Stephen O'Grady, principal analyst and co-founder of Redmonk and a truly developer-focused industry watcher, said it was clear to him that, whatever the next big app might be, its development will be driven by data. He pointed to ride-sharing service Uber, which relies on a mobile app that not only connects passengers with drivers of vehicles for hire, but also provides end-user data the company can mine to make better decisions about growing the business.

Mike Milinkovich, executive director of the Eclipse Foundation, who has watched more than a decade of open-source action from the front lines, observed that the small, narrowly focused apps Kolsky saw in our future would depend on the data O'Grady saw as a driver of development.

"I don't think [the next big apps] have to be data driven," he said. "But even the simplest of apps will generate data that can be utilized, monetized, and become the source of new and interesting business models, and even social models. That's where I think things are going."

Which is not to say that the data isn't a driver in this space, Milinkovich added. "It used to be that new product ideas were essentially based on conjecture," he said. "We were guessing that this might be an opportunity. Now there's much more hard data to base that guess on. There's much more data-driven innovation, rather than inspiration-driven innovation."

Loie Maxwell, chief marketing officer at Social Imprints and former vice president ofcCreative at Starbucks, suggested that the relationship between small apps and big data lies at the heart of the kinds of end-user experiences that will differentiate the next big app.  

"That data doesn't just sit somewhere," she said. "Or it shouldn't, because the data can drive continuous improvement, which can lead to better user experiences, better services, and possibly those new business opportunities you were talking about."

Kolsky pointed to two more essential links in this Next Big App chain: connectivity and analytics tools. "The data has existed forever," he said. "But now everything is connected and we have the tools to collect and process it. That's the critical aspect of this environment."

Moderator Allen Bonde, vice president of product marketing and innovation at Actuate, asked the panel what they thought about the notion that, when it comes to data, "fast" is the new "big." Kolsky liked the idea.

"The whole concept of big data stems from the fact that we can collect, process, store, and manipulate data hundreds of times faster than we ever could before," Kolsky said. "When people talk to me about big data, the first thing they ask is how to deal with it in real time."

"The truth is, an awful lot of the data that companies we deal with are looking at is not even remotely big data," O'Grady said. "We're not talking petabytes, but terabytes. In some cases the [smaller] data sets can give you huge insights."

How much is the consumerization of IT influencing the development of the Next Big App, Bonde asked the panel.

 "It's about the visualization of data," Maxwell. "It used to be that you needed to hire an analyst at hundreds of dollars an hour to analyze the data, break it down, and tell you what you needed to be doing. Now we're creating tools that allow individuals to create visualizations of data for their own business needs. There's a democratization there, with apps showing up [in the enterprise] that are much more user friendly in this way. That's certainly picking up on what the consumer population has to have in order to adopt a product. It's changing the designs of enterprise software."

To Bonde's question about the impact of open source on the Next Big App, O'Grady opined that OSS hasn't been much of a direct driver of good design or usability, but that it has driven bottom-up adoption, which has profoundly changed the way technologies are procured in the enterprise -- and almost as a side effect, improved design.

"Ten years ago, I could sell my business applications basically one person, the CIO, and what the product looked like wasn't all that important," he said. "But today it's a lot different. It's much more like selling iPhones. You don't sell iPhones to an executive who then rolls them out to the company. You sell an iPhone to each individual in the company. So things like design, usability, availability, installation, and ease of use matter."

Milinkovich pointed out that "big data" was one of the first major enterprise software trends to emerge first from the open source community, via the Apache Hadoop project, which spawned companies like Cloudera and Hortonworks. "It was bottom-up adoption, as developer realized what they could do with these tools, that made it happen," he said. "And it was definitely driven by open source."

Bonde wrapped up the presentation by asking for some advice from the panelists for developers and designers thinking about the next big app.

Milinkovich pointed to the "huge opportunities" emerging over the next decade from the Internet of Things and a world in which we will be increasingly surrounded by sensors gathering data. Application developers should be prepared to take advantage of the tools and technologies that support the analysis of that data for real-time decision making.

O'Grady advised developers to take advantage of technologies connect them with users to gain deeper insights into their applications. "You should consider the possibility that in many cases the best outcome of a question [from a user] is the next question," he said. "You're never going to be able to answer perfectly a given user's question. But each question presents you an opportunity to say, hey, that's something I didn't know, and to follow up with the next question and the next question after that. That's how you get the big insight."

"Among the tech startups I've worked with, the ones who invested in the user experience and made it something users could fall in love with are the ones who saw the greatest return the fastest," said Maxwell. "In too many situations I've seen, that's almost an afterthought."

"I wouldn't spend any time thinking or worrying about big data or any of that," Kolsky said. "I'd just say, invest your time developing something people actually need."

Posted by John K. Waters on 07/28/2014 at 4:33 PM0 comments

Upcoming Events


Sign up for our newsletter.

I agree to this site's Privacy Policy.